Information Exposure Vulnerability in RT Software Affecting Version 4.4.1
CVE-2024-3262

5.5MEDIUM

Key Information:

Vendor: Best Practical Solutions
Status: Request Tracker
Vendor: CVE Published:; 4 April 2024

🔔 Create Best Practical Solutions Vulnerability Alert

What is CVE-2024-3262?

Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as vulnerability tickets, because the application stores the information in the browser cache, leading to information exposure despite session termination.

Affected Version(s)

Request Tracker 4.4.1

References

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 4, 2024

CVE-2024-3262 Data

JSON